T-Mobile says hacker accessed personal data of 37 million customers - TechCrunch

In a fiscal filing connected Thursday, T-Mobile revealed that a hacker accessed a trove of idiosyncratic information belonging to 37 cardinal customers.

The telecom elephantine said that the “bad actor” started stealing the data, which includes “name, billing address, email, telephone number, day of birth, T-Mobile relationship fig and accusation specified arsenic the fig of lines connected the relationship and program features,” since November 25.

In the SEC filing, T-Mobile said it detected the breach much than a period later, connected January 5, and that wrong a time it had fixed the occupation that the hacker was exploiting.

The hackers, according to T-Mobile, didn’t breach immoderate institution system, but alternatively abused an exertion programming interface, oregon API.

“Our probe is inactive ongoing, but the malicious enactment appears to beryllium afloat contained astatine this time, and determination is presently nary grounds that the atrocious histrion was capable to breach oregon compromise our systems oregon our network,” the institution wrote.

This is the eighth clip T-Mobile was hacked since 2018. The astir caller incidental was successful 2022, erstwhile a radical of hackers known arsenic Lapsus$ were capable to summation entree to the company’s interior tools, which gave them the accidental to transportation retired alleged SIM swaps, a benignant of hack wherever hackers instrumentality implicit a victim’s telephone fig and past effort to leverage that to reset and entree the target’s delicate accounts specified arsenic email oregon cryptocurrency wallets.

T-Mobile did not instantly respond to a petition for comment.